Saturday 19 May 2012

Delete An "undeletable" File


Open a Command Prompt window and leave it open.
Close all open programs.
Click Start, Run and enter TASKMGR.EXE
Go to the Processes tab and End Process on Explorer.exe.
Leave Task Manager open.
Go back to the Command Prompt window and change to the directory the AVI (or other undeletable file) is located in.
At the command prompt type DEL <filename> where <filename> is the file you wish to delete.
Go back to Task Manager, click File, New Task and enter EXPLORER.EXE to restart the GUI shell.
Close Task Manager.


Or you can try this:

Open Notepad.exe

Click File > Save As...

locate the folder where your undeletable file is

Choose 'All files' from the file type box

click once on the file you want to delete so its name appears in the 'filename' box

put a " at the start and end of the filename
(the filename should keep the extension of the undeletable file so it will overwrite it)

click Save,

It should ask you to overwrite the existing file; choose Yes and you can then delete it as normal.


Here's a manual way of doing it. I'll take this off once you put it into your first post, zain.

1. Start
2. Run
3. Type: command
4. To move into a directory type: cd c:\*** (The stars stand for your folder)
5. If you cannot access the folder because its name has spaces (for example Program Files or the Kazaa Lite folder), you have to do the following: instead of typing in the full folder name, take only the first 6 letters, then put a ~ and then 1, without spaces. Example: cd c:\progra~1\kazaal~1
6. Once you're in the folder the non-deletable file is in, type dir - a list will come up with everything inside.
7. Now to delete the file, type del ***.bmp (or .txt, .jpg, .avi, etc.). If the file name has spaces you use the same rule: the first 6 letters followed by a ~ and a 1. Example: if your file name was bad file.bmp, you would type, once in the specific folder through command, del badfil~1.bmp and your file should be gone. Make sure to type in the correct extension.
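The progra~1 and badfil~1.bmp names in steps 5 and 7 work because Windows keeps an 8.3 "short name" alias next to every long file name. The following is an added example, not code from the post, that reproduces the naming rule so you can predict the alias before typing it; it is a simplification (real NTFS switches to a hash-based suffix after the fourth collision, and the illegal-character table differs slightly between versions). The same rule matters to defenders: a file can appear under either name in command lines and logs, so path matching has to account for both.

```python
# Added example (not from the post): how Windows derives the 8.3 "short name" that the
# cd c:\progra~1 trick relies on. Simplified: real NTFS switches to a hash-based suffix
# after the fourth collision, and the exact illegal-character table varies by version.
SHORT_EXTRA = set("!#$%&'()-@^_`{}~")   # allowed in short names besides letters and digits
LONG_ONLY = set("+,;=[]")               # legal in long names, replaced by '_' in short names


def _short_chars(part):
    """Map one component (base or extension) of a long name onto short-name characters."""
    out = []
    for ch in part.upper():
        if (ch.isascii() and ch.isalnum()) or ch in SHORT_EXTRA:
            out.append(ch)
        elif ch in LONG_ONLY:
            out.append("_")
        # spaces, extra dots and anything else are simply dropped
    return "".join(out)


def _split(name):
    """Split on the last dot; names without a dot have an empty extension."""
    base, dot, ext = name.rpartition(".")
    return (base, ext) if dot else (name, "")


def is_valid_short_name(name):
    """True if the name already fits 8.3 (case-insensitive), so no alias is generated."""
    base, ext = _split(name)
    if not base or len(base) > 8 or len(ext) > 3:
        return False
    ok = lambda s: all((c.isascii() and c.isalnum()) or c in SHORT_EXTRA for c in s.upper())
    return ok(base) and ok(ext)


def short_name(long_name, taken=frozenset()):
    """Return the 8.3 alias for long_name, avoiding aliases already in `taken`."""
    if is_valid_short_name(long_name):
        return long_name.upper()
    base, ext = _split(long_name)
    base, ext = _short_chars(base), _short_chars(ext)[:3]
    n = 1
    while True:
        tail = f"~{n}"
        # keep the first six characters (fewer once the ~N suffix grows) and append ~N
        candidate = base[:8 - len(tail)][:6] + tail + (f".{ext}" if ext else "")
        if candidate not in taken:
            return candidate
        n += 1


def short_names_for_directory(long_names):
    """Assign aliases to every entry of one directory in creation order, resolving collisions."""
    taken, aliases = set(), {}
    for name in long_names:
        alias = short_name(name, taken)
        taken.add(alias)
        aliases[name] = alias
    return aliases


if __name__ == "__main__":
    # constructed directory listing mirroring the post's examples
    for long, short in short_names_for_directory(
        ["Program Files", "Program Files (x86)", "Kazaa Lite", "bad file.bmp", "readme.txt"]
    ).items():
        print(f"{long!r:28} -> {short}")
```

Run it and the listing shows PROGRA~1, PROGRA~2, KAZAAL~1, BADFIL~1.BMP and README.TXT: a name that already fits 8.3 gets no new alias, and the second "Program..." folder takes ~2 because ~1 is already in use in that directory.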

Cracking Zip Password Files


Tut On Cracking Zip Password Files..

What is FZC? FZC is a program that cracks zip files (zip is a method of compressing multiple files into one smaller file) that are password-protected (which means you're going to need a password to open the zip file and extract files out of it). You can get it anywhere - just use a search engine such as altavista.com.
FZC uses multiple methods of cracking - brute force (guessing passwords systematically until the program gets it) or wordlist attacks (otherwise known as dictionary attacks: instead of just guessing passwords systematically, the program takes passwords out of a "wordlist", which is a text file that contains possible passwords. You can get lots of wordlists at www.theargon.com).
FZC can be used to achieve two different goals: you can either use it to recover a lost zip password which you used to remember but somehow forgot, or to crack zip passwords which you're not supposed to have. So like every tool, this one can be used for good and for evil.
The first thing I want to say is that reading this tutorial is the easy way to learn how to use this program, but after reading this part on how to use FZC you should go and check the texts that come with the program and read them all. You are also going to see the phrase "check name.txt" often in this text. These files should be in FZC's directory. They contain more information about FZC.
FZC is a good password recovery tool, because it's very fast and also supports resuming, so you don't have to keep the computer turned on until you get the password, like you had to some years ago with older cracking programs. You would probably always get the password unless the password is longer than 32 chars (a char is a character, which can be anything - a number, a lowercase or uppercase letter or a symbol such as ! or &) because 32 chars is the maximum value that FZC will accept, but it doesn't really matter, because in order to brute-force a password with 32 chars you'll need to be at least immortal... To see the time that FZC takes with brute force just open the Bforce.txt file, which contains such information.
FZC supports brute-force attacks as well as wordlist attacks. While brute-force attacks don't require you to have anything, wordlist attacks require you to have wordlists, which you can get from www.theargon.com. There are wordlists in various languages, on various topics, or just miscellaneous wordlists. The bigger the wordlist is, the more chances you have to crack the password.
Now that you have a good wordlist, just get FZC working on the locked zip file, grab a drink, lie down and wait... and wait... and wait... and have good thoughts like "In wordlist mode I'm gonna get the password in minutes" or something like that... you start doing all this and then remember "Hey, this guy started with all this bullshit and didn't say how I can start a wordlist attack!..." So please wait just a little more, read this tutorial till the end and you can do all this "bullshit".

We need to keep in mind that some people might choose some really weird passwords (for example: 'e8t7@$^%*gfh), which are harder to crack and are certainly impossible to crack with a wordlist (unless you have some weird wordlist). If you have bad luck and you got such a file, having a 200MB list won't help you anymore. Instead, you'll have to use a different type of attack. If you are a person that gives up at the first sign of failure, stop being like that or you won't get anywhere. What you need to do in such a situation is to put aside your sweet xxx MB list and start using the brute-force attack.
If you have some sort of really fast and new computer and you're afraid that you won't be able to use your computer's power to the fullest because the zip cracker doesn't support this kind of technology, it's your lucky day! FZC has multiple settings for all sorts of hardware, and will automatically select the best method.

Now that we've gone through all the theoretical stuff, let's get to the actual commands.


--------------------------------------------------------------------------------
Bruteforce
--------------------------------------------------------------------------------


The command line you'll need to use for using brute force is:

fzc -mb -nzFile.zip -lChr Length -cType of chars

Now if you read the bforce.txt that comes with fzc you'll find the description of how Chr Length and the Type of chars work, but hey, I'm gonna explain this too. Why not, right?... (but remember to look at the bforce.txt too)

For Chr Length you can use 4 kinds of switches...

-> You can use a range -> 4-6 : it would brute force from 4-char passwords to 6-char passwords
-> You can use just one length -> 5 : it would just brute force using passwords with 5 chars
-> You can also use the all number -> 0 : it would start brute forcing from passwords with length 0 to length 32; even if you are crazy I don't think that you would do this.... if you are thinking of doing this get a life...
-> You can use the + sign with a number -> 3+ : in this case it would brute force from passwords with length 3 to passwords with 32 chars of length, almost like the last option...

For the Type of chars we have 5 switches, they are:

-> a for using lowercase letters
-> A for using uppercase letters
-> ! for using symbols (check the Bforce.txt if you want to see which symbols)
-> s for using space
-> 1 for using numbers


Example:
If you want to find a password with lowercase and numbers by brute force you would just do something like:

fzc -mb -nzTest.zip -l4-7 -ca1

This would try all combinations from passwords with 4 chars of length till 7 chars, but just using numbers and lowercase.

*****
hint
*****

You should never start the first brute-force attack on a file using all the char switches; first just try lowercase, then uppercase, then uppercase with numbers, then lowercase with numbers. Do it like this because you can get lucky and find the password much faster; if this doesn't work, just prepare your brain and start a brute force that will take a lot of time, with a combination like lowercase, uppercase, special chars and numbers.
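The -l and -c switches above, and the hint's advice to try small character classes first, come down to how many candidates each combination implies. The following is an added example, not code from the tutorial or from FZC itself, that parses the length syntax described above (4-6, 5, 0, 3+) and computes the keyspace for a -c string; the size of the ! class is an assumption (FZC's Bforce.txt defines the real symbol set, and the 32 ASCII punctuation characters stand in for it here), and the guess rate in the demo is an illustrative assumption, not a measurement.

```python
import string

# Added example (not part of FZC or the tutorial): how many candidates each -l / -c
# combination implies, using the switch syntax described in the text.
MAX_LEN = 32  # FZC's stated maximum password length

# Size of each -c character class. The '!' count is an assumption: FZC's Bforce.txt
# defines the real symbol set, so the 32 ASCII punctuation characters stand in here.
CLASS_SIZES = {"a": 26, "A": 26, "1": 10, "s": 1, "!": len(string.punctuation)}


def parse_length_spec(spec):
    """Turn an -l value ('4-6', '5', '0', '3+') into an inclusive (min_len, max_len)."""
    spec = spec.strip()
    if spec == "0":                      # 0 means every length up to the maximum
        return 0, MAX_LEN
    if spec.endswith("+"):               # N+ means N up to the maximum
        return int(spec[:-1]), MAX_LEN
    if "-" in spec:                      # N-M is an explicit range
        lo, hi = spec.split("-", 1)
        return int(lo), int(hi)
    n = int(spec)                        # a single length
    return n, n


def charset_size(flags):
    """Number of distinct characters selected by a -c string such as 'a1' or 'aA!1'."""
    unknown = set(flags) - set(CLASS_SIZES)
    if unknown:
        raise ValueError(f"unknown character class(es): {sorted(unknown)}")
    return sum(CLASS_SIZES[f] for f in set(flags))


def keyspace(length_spec, flags):
    """Total candidates fzc -mb would have to try for the given -l and -c switches."""
    lo, hi = parse_length_spec(length_spec)
    k = charset_size(flags)
    return sum(k ** n for n in range(lo, hi + 1))


def seconds_to_exhaust(length_spec, flags, guesses_per_second):
    """Worst-case run time; guesses_per_second is whatever the hardware measures."""
    return keyspace(length_spec, flags) / guesses_per_second


def staged_plan(length_spec):
    """The hint's ordering, cheapest class first, with the keyspace of each stage."""
    return [(flags, keyspace(length_spec, flags)) for flags in ("a", "A", "A1", "a1", "aA!1")]


if __name__ == "__main__":
    rate = 1_000_000  # assumed guesses per second, purely illustrative
    for flags, size in staged_plan("4-7"):
        hours = seconds_to_exhaust("4-7", flags, rate) / 3600
        print(f"-l4-7 -c{flags:<5} {size:>20,d} candidates  ~{hours:,.1f} h at {rate:,}/s")
```

For the tutorial's own example, -l4-7 -ca1, the keyspace is 36^4 + 36^5 + 36^6 + 36^7 = 80,603,092,224 candidates; switching to -caA!1 over the same lengths multiplies that by roughly 800, which is the whole reason the hint orders the stages the way it does.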


--------------------------------------------------------------------------------
Wordlist
--------------------------------------------------------------------------------

Like I said before, and like you should be thinking now, the wordlist is the most powerful mode in this program. Using this mode, you can choose between 3 modes, where each one makes some changes to the text that is in the wordlist. I'm not going to say what each mode does to the words; to know that just check the file wlist.txt. The only thing I'm going to tell you is that the best mode to get passwords is mode 3, but it takes longer too.
To start a wordlist attack you'll do something like:

fzc -mwMode number -nzFile.zip -nwWordlist

Where:

Mode number is 1, 2 or 3; just check wlist.txt to see the changes in each mode.
File.zip is the filename and Wordlist is the name of the wordlist that you want to use. Remember that if the file or the wordlist isn't in the same directory as FZC you'll need to give the full path.

You can add other switches to that line like -fLine, where you define at which line FZC will start reading, and -lChar Length, where only the words of that char length will be read; the switch works like in brute-force mode.
So if you do something like

fzc -mw1 -nztest.zip -nwMywordlist.txt -f50 -l9+

FZC would just start reading at line 50 and would just read words with length >= 9.

Example:

If you want to crack a file called myfile.zip using the "theargonlistserver1.txt" wordlist, selecting mode 3, and you wanted FZC to start reading at line 50, you would do:

fzc -mw3 -nzmyfile.zip -nwtheargonlistserver1.txt -f50


--------------------------------------------------------------------------------
Resuming
--------------------------------------------------------------------------------

Another good feature of FZC is that it supports resuming. If you need to shut down your computer while FZC is running you just need to press the ESC key, and fzc will stop. Now, if you are using a brute-force attack the current status will be saved in a file called resume.fzc, but if you are using a wordlist it will tell you at which line it ended (you can find the line in the file fzc.log too).
To resume the brute-force attack you just need to do:

fzc -mr

And the brute-force attack will start from the place where it stopped when you pressed the ESC key.
But if you want to resume a wordlist attack you'll need to start a new wordlist attack, saying where it's going to start. So if you ended the attack on file.zip at line 100 using wordlist.txt in mode 3, to resume you'll type

fzc -mw3 -nzfile.zip -nwwordlist.txt -f100

Doing this, FZC would start at line 100, since the other 99 lines were already checked in an earlier FZC session.


Well, it looks like I covered most of what you need to know. I certainly hope it helped you... don't forget to read the files that come with the program.

How To: Change Your IP In Less Than 1 Minute


Change Your IP In Less Than 1 Minute

1. Click on "Start" in the bottom left hand corner of screen
2. Click on "Run"
3. Type in "command" and hit ok

You should now be at an MS-DOS prompt.

4. Type "ipconfig /release" just like that, and hit "enter"
5. Type "exit" and leave the prompt
6. Right-click on "Network Places" or "My Network Places" on your desktop.
7. Click on "properties"

You should now be on a screen with something titled "Local Area Connection", or something close to that, and, if you have a network hooked up, all of your other networks.

8. Right click on "Local Area Connection" and click "properties"
9. Double-click on the "Internet Protocol (TCP/IP)" from the list under the "General" tab
10. Click on "Use the following IP address" under the "General" tab
11. Create an IP address (it doesn't matter what it is; I just type 1 and 2 until I fill the area up).
12. Press "Tab" and it should automatically fill in the "Subnet Mask" section with default numbers.
13. Hit the "Ok" button here
14. Hit the "Ok" button again

You should now be back to the "Local Area Connection" screen.

15. Right-click back on "Local Area Connection" and go to properties again.
16. Go back to the "TCP/IP" settings
17. This time, select "Obtain an IP address automatically"
18. Hit "Ok"
19. Hit "Ok" again
20. You now have a new IP address

With a little practice, you can easily get this process down to 15 seconds.

P.S:
This only changes your dynamic IP address, not your ISP/IP address. If you plan on hacking a website with this trick, be extremely careful, because if they try a little, they can trace it back.

Change Text on XP Start Button


A very simple trick that changes your XP Start button to your customized text.

Step 1 - Modify Explorer.exe File

In order to make the changes, the file explorer.exe located at C:\Windows needs to be edited. Since explorer.exe is a binary file it requires a special editor. For the purposes of this article I have used Resource Hacker. Resource Hacker is a freeware utility to view, modify, rename, add, delete and extract resources in 32-bit Windows executables and resource files (*.res). It incorporates an internal resource script compiler and decompiler and works on Microsoft Windows 95/98/ME, Windows NT, Windows 2000 and Windows XP operating systems.

get this from h**p://delphi.icm.edu.pl/ftp/tools/ResHack.zip

The first step is to make a backup copy of the file explorer.exe located at C:\Windows\explorer.exe. Place it in a folder somewhere on your hard drive where it will be safe. Start Resource Hacker and open explorer.exe located at C:\Windows\explorer.exe.

The category we are going to be using is "String Table". Expand it by clicking the plus sign then navigate down to and expand string 37 followed by highlighting 1033. If you are using the Classic Layout rather than the XP Layout, use number 38. The right hand pane will display the stringtable. We’re going to modify item 578, currently showing the word “start” just as it displays on the current Start button.

There is no magic here. Just double click on the word “start” so that it’s highlighted, making sure the quotation marks are not part of the highlight. They need to remain in place, surrounding the new text that you’ll type. Go ahead and type your new entry. In my case I used Click Me!

You’ll notice that after the new text string has been entered the Compile Script button that was grayed out is now active. I won’t get into what’s involved in compiling a script, but suffice it to say it’s going to make this exercise worthwhile. Click Compile Script and then save the altered file using the Save As command on the File Menu. Do not use the Save command – Make sure to use the Save As command and choose a name for the file. Save the newly named file to C:\Windows.


Step 2 – Modify the Registry

!!!make a backup of your registry before making changes!!!

Now that the modified explorer.exe has been created it’s necessary to modify the registry so the file will be recognized when the user logs on to the system. If you don’t know how to access the registry I’m not sure this article is for you, but just in case it’s a temporary memory lapse, go to Start (soon to be something else) Run and type regedit in the Open field. Navigate to:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

In the right pane, double click the "Shell" entry to open the Edit String dialog box. In Value data: line, enter the name that was used to save the modified explorer.exe file. Click OK.

Close Registry Editor and either log off the system and log back in, or reboot the entire system if that’s your preference. If all went as planned you should see your new Start button with the revised text.
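The Shell value under Winlogon that Step 2 edits is also one of the best-known persistence locations on Windows (MITRE ATT&CK T1547.004): whatever executable it names runs as the user's shell at every logon, so a renamed explorer.exe from this trick is indistinguishable, from the registry's point of view, from a malicious replacement. The following is an added example, not from the article, showing how a defender would audit that key from a regedit export (File > Export). The .reg text is constructed for the demonstration and is not from a real machine.

```python
import re

# Added example (not from the article): audit an exported Winlogon key the way a
# defender would, because the Shell value edited above is also a classic persistence
# point (MITRE ATT&CK T1547.004). The export below is constructed, not from a real host.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"="clickme.exe"
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
"AutoRestartShell"=dword:00000001
'''

WINLOGON_KEY = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon"

# Stock executables each Winlogon value should resolve to.
EXPECTED = {"Shell": {"explorer.exe"}, "Userinit": {"userinit.exe"}}

_VALUE_RE = re.compile(r'^(?:"((?:[^"\\]|\\.)*)"|@)=(.*)$')


def parse_reg(text):
    """Parse a regedit export into {key_path: {value_name: value}}; strings and dwords only."""
    keys, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("Windows Registry Editor"):
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1]
            keys.setdefault(current, {})
            continue
        m = _VALUE_RE.match(line)
        if not m or current is None:
            continue
        name = m.group(1) if m.group(1) is not None else "@"
        data = m.group(2)
        if data.startswith('"') and data.endswith('"'):
            # .reg string data escapes backslashes and quotes with a backslash
            value = re.sub(r"\\(.)", r"\1", data[1:-1])
        elif data.startswith("dword:"):
            value = int(data[6:], 16)
        else:
            value = data  # hex(...) blobs and other types kept as raw text
        keys[current][name] = value
    return keys


def audit_winlogon(keys):
    """List Shell/Userinit entries whose executable is not the stock one."""
    findings = []
    values = keys.get(WINLOGON_KEY, {})
    for name, allowed in EXPECTED.items():
        if name not in values:
            continue
        for entry in str(values[name]).split(","):
            entry = entry.strip().strip('"')
            if not entry:
                continue
            exe = entry.replace("/", "\\").rsplit("\\", 1)[-1].lower()
            if exe not in allowed:
                findings.append(f"{name}: {entry!r} is not one of {sorted(allowed)}")
    return findings


if __name__ == "__main__":
    for finding in audit_winlogon(parse_reg(SAMPLE_REG)) or ["Winlogon values look stock"]:
        print(finding)
```

On the constructed export the audit reports the renamed shell and passes the stock Userinit entry; run against an export from a real host it is a cheap baseline check to pair with the registry backup the article already asks for.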

Boot Winxp Fast


Boot your WinXP fast

Follow these steps:

1. Open notepad.exe, type "del c:\windows\prefetch\ntosboot-*.* /q" (without the quotes) & save as "ntosboot.bat" in c:\
2. From the Start menu, select "Run..." & type "gpedit.msc".
3. Double click "Windows Settings" under "Computer Configuration" and double click again on "Shutdown" in the right window.
4. In the new window, click "add", "Browse", locate your "ntosboot.bat" file & click "Open".
5. Click "OK", "Apply" & "OK" once again to exit.
6. From the Start menu, select "Run..." & type "devmgmt.msc".
7. Double click on "IDE ATA/ATAPI controllers"
8. Right click on "Primary IDE Channel" and select "Properties".
9. Select the "Advanced Settings" tab, then on the device that doesn't have 'device type' greyed out select 'none' instead of 'autodetect' & click "OK".
10. Right click on "Secondary IDE channel", select "Properties" and repeat step 9.
11. Reboot your computer.

Thursday 17 May 2012

Compress 1GB File to 10MB with KGB Archiver

KGB Archiver is open-source software which can compress a 1 GB file to a 10 MB file. This software is based on the PAQ6 algorithm and has powerful AES-256 encryption. KGB Archiver is available for both Linux and Windows.
This software takes too much time to compress a file, as we can see that the compression ratio is very high. The time depends on the size of the file being compressed. A file compressed with KGB Archiver can only be decompressed with this tool. If you compress any file with KGB Archiver and send the compressed file to your friend, then he must have KGB Archiver installed on his computer to decompress the file.
Note: Some of you may not feel happy after reading this note, because this tool can not compress video files. This tool can only compress 

Features of KGB Archiver: These are some features of this cool compression software.

  • Supports native .kgb files and .zip files
  • AES-256 Encryption
  • Able to create self-extracting archives.
  • Multilanguage support, including Arabic, German, Greek, Japanese, Spanish and many more.
  • Unicode is supported in both the user interface and file systems.
  • An Explorer shell extension is available for the Windows version.
  • Makes password-protected compressed files.

Download your Facebook albums with Photograbber

Facebook, the largest social network, is a virtual world where people spend more time than in the real world. We all use it to share our daily experiences, photos, videos and everything we think. We can easily create albums and share photos with friends.
Sometimes we need to download all the photos to our system. Facebook has given an option to download all your Facebook data, including statuses and comments, but what if we only want to download the photos? There are some nice tools which can help. PhotoGrabber is one such tool to download photos from Facebook.


Follow these steps:

  • Download the PhotoGrabber desktop client. It is available for Windows or Mac.
  • Sign in with your Facebook account and allow this application to access the account.
  • Now you will see your albums listed in the application.
  • Select the album you want to download and hit the download begin button.
  • Downloading will start within a few seconds.

iCrypt Err0r Version | make trojan FUD

This is a simple encryptor which makes your trojan undetectable by antiviruses. Encrypt your trojan and check it with NoVirusThanks.org.


Download Here
http://www.ziddu.com/download/15913691/iCrypt_Err0r_Version.rar.html

free download Spyware Terminator 2.8.2.192

Spyware Terminator 2.8.2.192 | 11.09MB

Millions of users worldwide rely on Spyware Terminator, winner of many awards and high ratings from industry experts and users. Its free comprehensive protection is comparable to competitors' paid versions!

Spyware Terminator includes:
  • Fast spyware scanning
  • 100% real time protection
  • HIPS protection
  • Antivirus protection
  • Multilanguage support
  • Free automatic updates
  • Free scheduled scans
  • Free support

Spyware Terminator will scan your computer for known threats and report findings in a manner that is easy to read and interpret. Every entry is given a rating and a classification, which makes it very easy to decide if a detected item should be removed. Unlike some free software titles, Spyware Terminator will remove all threats for free. 
Spyware Terminator is licensed for free for both home and business use.

Download Here 
http://hotfile.com/dl/85281755/3353b7d/28-SpywareTerminator.rar.html   
http://www.fileserve.com/file/C8gW4rx/28-SpywareTerminator.rar 

How to make trojan, kelogger undetectable from antivirus

In my previous post I wrote about trojans and how to create a trojan server to hack, but all famous trojan servers are detected by antivirus and are thus useless. Here I am going to write the method to make your trojan, keylogger and RAT FUD (fully undetectable) by antivirus software.


1. Download PC Guard for Windows
http://www.mediafire.com/?dgt9y9d12dn0jom 


2. Open PC Guard and, in the "Application filename", browse to your server's location.

3. Click on the "General" tab and check the options as in the image below.


4. Now do the same with the "Security & Encryption" tab. Look at the image below to see which options to check.


5. At the end choose "Protection Methods" and select the following options:


You have done it....

Now your server or keylogger is FUD (fully undetectable) by antivirus and other security tools.

How to hack with Trojan | Prorat tutorial

Prorat is a famous trojan for hacking systems and Facebook, Gmail, Yahoo, Twitter and other accounts. Today I will show you a step by step guide to hacking with Prorat.


First of all, download Prorat from the given link:
ProRat


Then disable your antivirus. It is necessary, otherwise your downloaded trojan will be detected and deleted. Don't worry, it will not harm your system at this stage.


Now run Prorat.exe.
You will see the Prorat window. There are so many options, but you have to create a server first.


So click on Create Server.
There will be 3 options:

  1. Create Prorat server
  2. Create Downloader Server
  3. Create Cgi Victim List & usage



Now click on Create Prorat Server.


A new window will pop up, which will have a lot of options in the sidebar.

  • Notifications
  • General settings
  • Bind with Files
  • Server extensions
  • Server Icons



You have to go through all the options one by one to create a server.
Now in Notifications, mark Use Mail Notification and enter your email id. There will be a default id; erase it and enter yours. Then Test. It will send a test mail to your email. Check your spam too.


Then go to General Settings and select all the options which you want to have in your trojan.


Then go to Bind with Files and select the file to bind your trojan with.
At last select your server extension and icon. Then click on Create Server.
Now you have created a server.


Send this server file to the victim you want to hack, but before sending this file to the victim make it FUD (Fully UnDetectable) with FUD cryptors. Search this website for FUD articles.
After making the server FUD, it is ready to send to the victim.


Send this file to the victim. If the victim runs the server on their system, the trojan server will send you a notification email with the IP address of the victim. Use this IP and run your Prorat.


At the top there is an option for IP and port. Enter the IP and port and click on Connect.
Wait for it to connect.
After getting connected to the victim's system, you can use any of the options available in Prorat to hack the user's system.

Download DarkComet-RAT v4.2 fwb (Firewall bypass)

This version of DarkComet is the firewall-bypass build. It injects into web browsers and bypasses firewall rules.
Targets are tried in this order: Firefox, Opera, Chrome, Safari, Internet Explorer and Explorer; if all fail (normally never) it runs normally. Notice that now you can use remote computers as SOCKS5 proxies.


Download Here:
http://www.darkcomet-rat.com/process_download.php?id=6

Introduction to ping sweep

Before writing about ping sweeps, I would like to introduce ping. Ping is a network utility which is used to find out whether a host is alive or dead on the network. Suppose I want to check hackingtricks.in:
if we get a response, it means the website is live. You can check a system by its IP address or a website by its domain name. We can use this program to detect hosts like websites, computer systems, printers, network devices or any other device.


Ping Sweep: A ping sweep, also known as an ICMP sweep, is a network scanning technique which is used to determine which of a range of IP addresses map to live hosts. As we have seen, ping is used for a single computer; a ping sweep is used for a range of IP addresses across various computers. A ping sweep consists of ICMP (Internet Control Message Protocol) ECHO requests sent to multiple hosts. If a system (host) is live, it will reply with an ICMP ECHO reply.
There are various tools available that can be used to do a ping sweep, such as fping, gping, and nmap.
Download fping here: http://fping.sourceforge.net/
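Because a ping sweep is nothing more than ICMP ECHO requests from one source fanning out to many addresses in a short time, it is also one of the easiest scans to spot in firewall logs. The following is an added example, not from the post, that runs that detection logic over constructed log lines; the "timestamp ACTION PROTO src -> dst type=N" layout is invented for the demonstration, so the regular expression would need adjusting for a real device's format.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Added example (not from the post): spotting a ping sweep in firewall logs. The log
# lines and their "timestamp ACTION PROTO src -> dst type=N" layout are constructed
# for this demonstration; real devices log in their own format.
SAMPLE_LOG = [
    # benign: one host pinging its gateway and getting echo replies back
    "2012-05-17T10:00:00 ALLOW ICMP 10.0.0.200 -> 10.0.0.1 type=8",
    "2012-05-17T10:00:00 ALLOW ICMP 10.0.0.1 -> 10.0.0.200 type=0",
    "2012-05-17T10:00:01 ALLOW ICMP 10.0.0.200 -> 10.0.0.1 type=8",
    "2012-05-17T10:00:01 ALLOW ICMP 10.0.0.1 -> 10.0.0.200 type=0",
    "2012-05-17T10:00:05 DROP TCP 10.0.0.77 -> 10.0.0.1 dport=23",  # not ICMP, ignored
] + [
    # sweep: one outside address sending echo requests to twelve consecutive hosts
    f"2012-05-17T10:01:{sec:02d} DROP ICMP 192.0.2.50 -> 10.0.0.{host} type=8"
    for sec, host in enumerate(range(1, 13))
]

LINE_RE = re.compile(r"^(\S+) (?:ALLOW|DROP) ICMP (\S+) -> (\S+) type=(\d+)")
ECHO_REQUEST = 8  # only echo requests are probes; replies (type 0) are ignored


def parse_echo_requests(lines):
    """Yield (timestamp, src, dst) for every ICMP echo request in the log."""
    for line in lines:
        m = LINE_RE.match(line)
        if m and int(m.group(4)) == ECHO_REQUEST:
            ts, src, dst, _ = m.groups()
            yield datetime.fromisoformat(ts), src, dst


def detect_ping_sweeps(lines, window_seconds=30, min_hosts=8):
    """Return {source: peak_distinct_targets} for sources that probed at least
    min_hosts distinct addresses inside any window_seconds-long window."""
    by_src = defaultdict(list)
    for ts, src, dst in parse_echo_requests(lines):
        by_src[src].append((ts, dst))

    window = timedelta(seconds=window_seconds)
    alerts = {}
    for src, probes in by_src.items():
        probes.sort()
        start, peak = 0, 0
        for end in range(len(probes)):
            # slide the window start forward until it covers at most window_seconds
            while probes[end][0] - probes[start][0] > window:
                start += 1
            peak = max(peak, len({dst for _, dst in probes[start:end + 1]}))
        if peak >= min_hosts:
            alerts[src] = peak
    return alerts


if __name__ == "__main__":
    for src, hosts in detect_ping_sweeps(SAMPLE_LOG).items():
        print(f"possible ping sweep from {src}: {hosts} distinct hosts probed")
```

Counting distinct destinations rather than raw packet volume is what separates the sweep from the benign host, which sends just as many echo requests but always to the same gateway; the window and threshold are tuning knobs, and a monitoring host that legitimately pings many machines needs an allowlist rather than a higher threshold.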

FBI and SOCA Seize 36 Websites For Card Fraud


The Federal Bureau of Investigation (FBI) and the Serious Organised Crime Agency (SOCA) have worked together and seized 36 domains. All 36 websites were involved in credit card fraud. These websites were all found to be trading illegally obtained payment card details.

The organisations have also informed the financial institutions and banks whose customers have been affected by these cybercriminal websites. They also claim to have prevented fraud that might have cost individuals and companies more than £500 million. So we can say that this is one of the biggest anti-fraud operations of recent times.

“This operation is an excellent example of the level of international cooperation being focused on tackling online fraud,” said Lee Miles, Head of Cyber Operations for SOCA.

“Our activities have saved business, online retailers and financial institutions potential fraud losses estimated at more than half a billion pounds, and at the same time protected thousands of individuals from the distress caused by being a victim of fraud or identity crime.”

In the past two years, law enforcement agencies from many countries have worked together to prevent online fraud and cyber crime. Although cyber crime is increasing day by day, this kind of strong step against cyber criminals will surely make some positive impact.

Law enforcement agencies claim to have saved many personal accounts which could have been misused by these fraudster websites. And these websites can help in identifying more websites which are involved in these kinds of crimes.

At last, it’s my personal advice to all internet users to be as safe as they can. If they want to purchase something online, then take care while choosing the merchant. Try to purchase only from trusted vendors and ensure that your personal and card information doesn’t end up in the wrong hands.

5 things a Beginner Hacker Should Know

Here are a few points that beginners should know.


  1. At this stage, most students search for hacking tools and software. But here I want to make this clear: no tool or software exists which can hack Gmail, Facebook, Yahoo, Twitter or any other website or email account in just a few clicks. These types of posts on the internet are just for attracting visits and spreading spam. Most of these hacking tools are bound with trojans, which puts your system at risk. The recent example is the Anonymous LOIC tool, which is used to hack members to use their systems in criminal activities.
  2. Never use any premium keylogger which is available for free on filehosting websites. Hackers always host this type of tool with trojans. After installing this type of keylogger you will be hacked.
  3. Never pay for hacking on websites which ask for money in return for hacking. If you want to pay for any hacking book, tool or other kit, pay only on trusted websites.
  4. Join a good hacking forum and learn new things from the experts. Never follow a person just for his claims; always follow a person who has real knowledge. Adding the word hacker is not going to make anyone a hacker. There are many JavaScript pranks and online websites available which are used to create fake screenshots and defacing pages. These are used by many noobs to create fake hacking screenshots to share on Facebook, and beginners follow them, thinking they are hackers.
  5. Learn programming languages and networking. These are a must to be a hacker. Most hacking attacks, such as SQL injection, PHP injection, XSS, phishing and many others, need knowledge of programming.

A hacker is not the person who uses keyloggers for hacking email ids and defaces low-security innocent websites. A hacker is a person with in-depth knowledge of computers who can create his own exploits to hack into secure systems and servers. A hacker is a person who is ready to take challenges. You may have heard the names of many hacking groups who deface innocent websites just for fame. I think they are nothing but noobs. Hacking a school website or a shop website is not going to make you a hacker.

What is Ethical Hacking and Penetration Testing


The cyber world, the virtual world on the internet, is now a part of our daily life. Every person who uses the internet, either by computer or by any other gadget, is a part of the cyber world. But the cyber world is as full of thieves as the real world. So security is a must. If you provide proper security for all your physical things in the real world, you must also be aware of the security of the things you have in the cyber world. If you think you are not a computer person and wonder why you should need to know about cyber crimes and protection against them, then just think about the bank account you use, your credit cards and your online purchases. All these things, which you use daily in your life, are the main targets of hackers.

Cyber crimes
All the organizations and companies have a network of systems for storing and accessing their private information which are confidential. These data is the top secret part of the company. But hackers always try to break the security of these systems to get that secret information of the company. According to the latest cyber crime report by Symantec, cyber crime costs more that $114 billion annually. This is a huge loss by cyber crimes.  The report also says that 14 adults become the victim of cyber crimes in a minute. You can imagine the dangers.  Most of the hackers work individual and hack only for their profit. But there are many companies who hire hackers to know the hidden secrets of the competitors company. So the world is full of hackers and threats. Do you know how to be safe and what to do in this bad cyber world.
Hackers or cyber criminals are the persons who use their computer knowledge for accessing or stealing without authorization. Now most of the security organizations have proposed to declare cyber criminal as terrorists. Hacking is the biggest problem now a day.  We can see the past 6 months. Some hacker groups have costs a lot to Sony and some other organizations. They had also accessed and published secret data of some security organizations. They had also hacked some networks and website. Lulzsec and Anonymous are the main 2 hackers groups and cyber police of many countries are in search of the members of these groups. Hackers use all the latest bugs and vulnerabilities to hack and the most dangerous thing is that they know how to hide their real identity in the cyber world.  If you look at the recent high profile cyber crime cases, you will see that the hackers have cost a lot to the most reputed companies by stealing their network data and secret information. But they are still unknown. No one knows who are they? where they live?, how they do?
Sometimes I think they are most advanced than the security experts working on those companies but they do not have that much educational qualification. They are talented but use their knowledge in bad works.
The working process of hackers is broadly the same. A complete hack can be defined as a set of steps performed by the hacker: information gathering, scanning, gaining access, maintaining access and clearing tracks. Information gathering and scanning involve learning about the target system or victim. After gathering enough knowledge about the target, hackers try to exploit its vulnerabilities and gain access to unauthorized data. They then maintain that access in order to collect secret data of the company and steal important information. Finally they clear all their tracks so that no one is able to find them. This is how they stay invisible on the internet.
Figure 1: Steps performed by a hacker
Catching a hacker is not easy. But securing your network is much easier, and recommended.
Need for Ethical hackers
So most organizations now hire hackers who try to secure the company's systems by finding vulnerabilities and security holes. These hackers are called ethical hackers. An ethical hacker follows the same techniques and methodologies as a malicious hacker; however, in the end, the vulnerabilities or security flaws found are either reported (responsible disclosure or open disclosure) or fixed. This is also called penetration testing, or pentest for short. The working of ethical hackers can also be shown as a graphical image, which is given below.
Figure 2: Steps performed by an ethical hacker
If you compare the steps performed by hackers and ethical hackers, you will see that the first 3 steps are the same for both. The last steps differ: the ethical hacker reports the vulnerabilities to the organization, while the malicious hacker maintains access to reach the company's secret data and then clears all tracks. Reporting vulnerabilities is the main work of an ethical hacker. The company then has to patch the vulnerabilities found. This is what we call the best step of protection against hackers.
“One of the first examples of ethical hackers at work was in the 1970s, when the United States government used groups of experts called red teams to hack its own computer systems.”
Skills Required to Become an Ethical Hacker
Ethical hackers are people who stay 1 step ahead of malicious hackers, so they must be computer system experts with knowledge of computer programming, networking, operating systems, web programming and various aspects of security. Ethical hackers do not need a strong command of the countermeasures that can prevent attacks; their work is only to report the vulnerabilities to the organization's security team.
Ethical hacking has the following steps:
1. Talk to the client and discuss the needs to be addressed during the testing of the system, network or application.
2. Prepare and sign nondisclosure agreement (NDA) documents with the client.
3. Organize an ethical hacking team and prepare a schedule for testing.
4. Conduct the test.
5. Analyze the results of the testing and prepare a report.
6. Present the report on the vulnerabilities to the client.
But the most important thing an ethical hacker should know is that no ethical hacking activity or testing associated with a network security test or system security audit should start until a signed legal document from the target organization, expressly permitting the hacking and testing activities on its network or systems, has been received by the ethical hacker. This legal document is necessary because the ethical hacker can get into trouble if he cannot prove that the company allowed him to do the work.
The other important thing he should know is that the details of the ethical hacking report must be kept confidential, because they highlight the organization's security risks and vulnerabilities. If this document falls into the wrong hands, the results can be harmful to the organization.
One more term used in the security field is vulnerability assessment, which simply identifies and reports the vulnerabilities noted. It is not the same thing as penetration testing, which goes on to try to exploit those vulnerabilities to gain unauthorized access. It is not a one-time action; it should be done regularly.
Penetration testing
Penetration testing is very important for anyone who stores important and sensitive information in their systems. The only way anyone can be sure there are no security risks is to have their entire security system assessed and then make adjustments as necessary, and this can only be done by penetration testing. You can see the steps in the penetration testing process in the figure below.
Figure 3: Steps in penetration testing
You can see that the last step is a retest. Now you can understand why I wrote that penetration testing should be done regularly.
As technology advances, hackers try to create new types of attacks, and the older countermeasures will not work against them. This is why ethical hackers need to keep their knowledge of these new attacks up to date, so that they can build good protection against them. They should learn how these attacks are performed and then try them against the network or systems to check whether the systems are really secure. If not, they work to secure the systems and networks against these attacks. So new attacks are the reason why penetration testing is a regular process.
“The Information Assurance Certification Review Board (IACRB) manages a penetration testing certification known as the Certified Penetration Tester (CPT). The CPT requires that the exam candidate pass a traditional multiple choice exam, as well as pass a practical exam that requires the candidate to perform a penetration test against live servers.”
Penetration testing can be carried out in several ways, but in general we define 2 basic types, black box and white box, with gray box as a combination of the two:
Black box penetration testing: In this type of penetration testing the tester has no prior knowledge of the infrastructure to be tested. He has to get all the information about the network infrastructure through testing, guesswork and skill. This testing is like a real attack on the system or network by hackers, because the tester is likewise given no information about the infrastructure. Many companies use this type of penetration testing because it is realistic testing that feels like real hackers are working on the network. But it slows down system and network performance during the test, because the testers use many testing tools that consume bandwidth and resources.
White box penetration testing: In white box penetration testing the tester has complete knowledge of the infrastructure to be tested, such as network diagrams, application source code and server settings. This information helps the tester in his work, but this type of testing is not so effective.
Gray box penetration testing: This is the combination of black box and white box testing. The tester is given some information, but not all. This type of testing is used in most organizations. It takes less time and exposes more vulnerabilities, and it is easier for the testers to work in this way.
Risks involved in penetration testing
But penetration testing must be done carefully; it also carries risk. In white box testing the tester has access to the code and can damage it by mistake during testing. In black box testing the tester uses many tools to scan and attack the network or systems, which slows down their performance. The possibility exists that systems may be damaged in the course of penetration testing. Every attack has some negative impact on the network and the system, and it may sometimes cause a loss to the company. This can be minimized by hiring experienced professionals and monitoring every step. Backups of everything are also necessary. But the most dangerous risk is leakage of the company's information. The person hired for the company's penetration testing should work under the company's proper guidance. As part of the company's penetration testing team, he will come to know all of the company's hidden secrets: the hidden infrastructure and the network loopholes. If he is not monitored properly, he can misuse that information or leak it to other companies that are your competitors in the market.
Conclusion
So we can say that ethical hacking and penetration testing are related to each other: penetration testing is done through ethical hacking, with protection against attacks as the goal. In general the testers in a penetration test are ethical hackers. They can be part of the company or individuals hired by the company for network and system testing. Most companies hire certified ethical hackers as part of the company's security team, but most of the famous ethical hackers work on an hourly basis and do not want to join any company, so companies hire them for specific work. But the company should track all the work done by a hired ethical hacker, because he is not a company person yet he will have all the secret details, such as the company's security infrastructure, and he may leak the company's secret information to another company. So it is really important to take care when hiring any ethical hacker for the company.
Cyber crime is increasing day by day, so the need for ethical hackers and penetration testers is also increasing. Having a permanent ethical hacker is more secure than hiring outsiders, so many companies are now hiring permanent ethical hackers. This can be a good career option for a person interested in computers and network security. Many reputed organizations conduct exams and run courses in penetration testing and ethical hacking. One can join those institutes to become a certified ethical hacker and penetration tester.